Re: [Ace] Assignment of OSCORE Sender and Recipient IDS - was RE: Review of draft-ietf-ace-oscore-profile
Christian Amsüss <christian@amsuess.com> Tue, 08 September 2020 13:32 UTC
Return-Path: <christian@amsuess.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B4FD3A1229 for <ace@ietfa.amsl.com>; Tue, 8 Sep 2020 06:32:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TEI3F7GwySnn for <ace@ietfa.amsl.com>; Tue, 8 Sep 2020 06:32:22 -0700 (PDT)
Received: from prometheus.amsuess.com (alt.prometheus.amsuess.com [IPv6:2a01:4f8:190:3064::3]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6CD03A0C94 for <ace@ietf.org>; Tue, 8 Sep 2020 06:32:21 -0700 (PDT)
Received: from poseidon-mailhub.amsuess.com (unknown [IPv6:2a02:b18:c13b:8010:a800:ff:fede:b1bd]) by prometheus.amsuess.com (Postfix) with ESMTPS id 5325A4075C; Tue, 8 Sep 2020 15:32:19 +0200 (CEST)
Received: from poseidon-mailbox.amsuess.com (poseidon-mailbox.amsuess.com [IPv6:2a02:b18:c13b:8010:a800:ff:fede:b1bf]) by poseidon-mailhub.amsuess.com (Postfix) with ESMTP id 42E3D74; Tue, 8 Sep 2020 15:32:17 +0200 (CEST)
Received: from hephaistos.amsuess.com (unknown [IPv6:2a02:b18:c13b:8010:94b3:9d57:e60a:85ec]) by poseidon-mailbox.amsuess.com (Postfix) with ESMTPSA id 0B2FE121; Tue, 8 Sep 2020 15:32:17 +0200 (CEST)
Received: (nullmailer pid 188810 invoked by uid 1000); Tue, 08 Sep 2020 13:32:16 -0000
Date: Tue, 08 Sep 2020 15:32:16 +0200
From: Christian Amsüss <christian@amsuess.com>
To: Jim Schaad <ietf@augustcellars.com>
Cc: ace@ietf.org
Message-ID: <20200908133216.GA182573@hephaistos.amsuess.com>
References: <029401d68553$6ffa4220$4feec660$@augustcellars.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="GvXjxJ+pjyke8COw"
Content-Disposition: inline
In-Reply-To: <029401d68553$6ffa4220$4feec660$@augustcellars.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/RsLy3GObdY7TGCNlgeKN8ER1s_M>
Subject: Re: [Ace] Assignment of OSCORE Sender and Recipient IDS - was RE: Review of draft-ietf-ace-oscore-profile
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Sep 2020 13:32:25 -0000
Hello John, Jim, and ACE in general, I agree with Jim that namespacing is the obvious solution to this problem; we've had a brief discussion in a WG meeting shared with OCF earlier this year. However, the namespacing of KIDs is a difficult matter[1] and moreover little understood so far. I'm unaware of any document describing how the association between a device and an AS comes to be, let alone how the device indicates to the AS which shard of its recipient IDs it may use. (And is that a prefix or a suffix to the KID? Is it by bits or by bytes?) Having multiple AS involved with a device is a situation we should be prepared for, especially when considering that even in a closed system under single administration, the AS may be distributed for reasons of reliability. Managing those (as well as other sources of OSCORE contexts like LAKE) would be easier if the device didn't have to think through its namespacing, especially given that there might be ad-hoc decisions to be made: A server may be OK with giving out a short recipient ID to a device on the network (where it can use the source IP to pick the right context), but would pick a longer KID for a client ringing in through a proxy that has no information in its source address. At the same, time, getting endpoint chosen KIDs right is a bit harder than it is with AS-provided ones: An scenario that came up in a recent chat with John showed that if RS and C would happen to both pick the same KID and a MITM modifies the token POST, both would derive identical security contexts. Then, it suddenly becomes crucial for the security of the whole construct that the RS first verifies a request coming from C before sending any message whatsoever with that context. So to summarize, I like the idea, and I'd like to see it thought through (preferably before we even have to work out how that namespacing is manged precisely), but I'm not sure that that all the questions that'd come up in the process are realistic to address at this stage. KR Christian [1]: See https://tools.ietf.org/html/draft-amsuess-lwig-oscore-00#section-4 for a poem and some notes -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
- [Ace] Assignment of OSCORE Sender and Recipient I… Jim Schaad
- Re: [Ace] Assignment of OSCORE Sender and Recipie… John Mattsson
- Re: [Ace] Assignment of OSCORE Sender and Recipie… Christian Amsüss
- Re: [Ace] Assignment of OSCORE Sender and Recipie… Jim Schaad
- Re: [Ace] Assignment of OSCORE Sender and Recipie… John Mattsson